Help Needed, Logs Attached


Download the latest version of TDSSKiller from here and save it to your Desktop.

• Double-click on TDSSKiller.exe to run the application.
• Then click on Change parameters.
• Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.
• Click the Start Scan button.
• If a suspicious object is detected, the default action will be Skip; click on Continue.
• If malicious objects are found, they will show in the Scan results and offer three (3) options.
• Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
• Get the report by selecting Reports.
• Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.


Log:

 

C:WindowsSystem32wkssvc.dll21:34:29.0200 0x1140 LanmanWorkstation - ok21:34:29.0262 0x1140 [ 797289607A5EBF31353AA5EAD141F872, 4E3F8635F61DBFEEA3737EEB013F3B0A07B044A6F0D49901EB476B3904E98D2A ] Leapfrog-USBLAN C:Windowssystem32DRIVERSbtblan.sys21:34:29.0278 0x1140 Leapfrog-USBLAN - ok21:34:29.0336 0x1140 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:Windowssystem32DRIVERSlltdio.sys21:34:29.0388 0x1140 lltdio - ok21:34:29.0429 0x1140 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:WindowsSystem32lltdsvc.dll21:34:29.0485 0x1140 lltdsvc - ok21:34:29.0512 0x1140 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:WindowsSystem32lmhsvc.dll21:34:29.0541 0x1140 lmhosts - ok21:34:29.0585 0x1140 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:Windowssystem32driverslsi_fc.sys21:34:29.0597 0x1140 LSI_FC - ok21:34:29.0618 0x1140 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:Windowssystem32driverslsi_sas.sys21:34:29.0636 0x1140 LSI_SAS - ok21:34:29.0651 0x1140 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:Windowssystem32driverslsi_sas2.sys21:34:29.0661 0x1140 LSI_SAS2 - ok21:34:29.0682 0x1140 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:Windowssystem32driverslsi_scsi.sys21:34:29.0694 0x1140 LSI_SCSI - ok21:34:29.0709 0x1140 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:Windowssystem32driversluafv.sys21:34:29.0765 0x1140 luafv - ok21:34:29.0835 0x1140 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] 
MBAMProtector C:Windowssystem32driversmbam.sys21:34:29.0845 0x1140 MBAMProtector - ok21:34:29.0950 0x1140 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe21:34:29.0969 0x1140 MBAMScheduler - ok21:34:30.0003 0x1140 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe21:34:30.0029 0x1140 MBAMService - ok21:34:30.0056 0x1140 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:Windowssystem32Mcx2Svc.dll21:34:30.0069 0x1140 Mcx2Svc - ok21:34:30.0088 0x1140 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:Windowssystem32driversmegasas.sys21:34:30.0098 0x1140 megasas - ok21:34:30.0210 0x1140 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:Windowssystem32driversMegaSR.sys21:34:30.0257 0x1140 MegaSR - ok21:34:30.0489 0x1140 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe21:34:30.0501 0x1140 Microsoft Office Groove Audit Service - ok21:34:30.0511 0x1140 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:Windowssystem32mmcss.dll21:34:30.0563 0x1140 MMCSS - ok21:34:30.0598 0x1140 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:Windowssystem32driversmodem.sys21:34:30.0629 0x1140 Modem - ok21:34:30.0690 0x1140 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor 
C:Windowssystem32DRIVERSmonitor.sys21:34:30.0721 0x1140 monitor - ok21:34:30.0759 0x1140 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:Windowssystem32DRIVERSmouclass.sys21:34:30.0770 0x1140 mouclass - ok21:34:30.0775 0x1140 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:Windowssystem32DRIVERSmouhid.sys21:34:30.0804 0x1140 mouhid - ok21:34:30.0831 0x1140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:Windowssystem32driversmountmgr.sys21:34:30.0843 0x1140 mountmgr - ok21:34:30.0932 0x1140 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe21:34:30.0945 0x1140 MozillaMaintenance - ok21:34:30.0960 0x1140 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:Windowssystem32driversmpio.sys21:34:30.0974 0x1140 mpio - ok21:34:31.0030 0x1140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:Windowssystem32driversmpsdrv.sys21:34:31.0060 0x1140 mpsdrv - ok21:34:31.0099 0x1140 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:Windowssystem32mpssvc.dll21:34:31.0167 0x1140 MpsSvc - ok21:34:31.0209 0x1140 MREMP50 - ok21:34:31.0213 0x1140 MREMP50a64 - ok21:34:31.0214 0x1140 MREMPR5 - ok21:34:31.0215 0x1140 MRENDIS5 - ok21:34:31.0267 0x1140 MRESP50 - ok21:34:31.0268 0x1140 MRESP50a64 - ok21:34:31.0304 0x1140 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:Windowssystem32driversmrxdav.sys21:34:31.0340 0x1140 MRxDAV - ok21:34:31.0392 0x1140 [ A5D9106A73DC88564C825D317CAC68AC, 
0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:Windowssystem32DRIVERSmrxsmb.sys21:34:31.0448 0x1140 mrxsmb - ok21:34:31.0466 0x1140 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:Windowssystem32DRIVERSmrxsmb10.sys21:34:31.0484 0x1140 mrxsmb10 - ok21:34:31.0492 0x1140 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:Windowssystem32DRIVERSmrxsmb20.sys21:34:31.0504 0x1140 mrxsmb20 - ok21:34:31.0527 0x1140 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:Windowssystem32driversmsahci.sys21:34:31.0538 0x1140 msahci - ok21:34:31.0565 0x1140 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:Windowssystem32driversmsdsm.sys21:34:31.0578 0x1140 msdsm - ok21:34:31.0596 0x1140 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:WindowsSystem32msdtc.exe21:34:31.0634 0x1140 MSDTC - ok21:34:31.0683 0x1140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:Windowssystem32driversMsfs.sys21:34:31.0710 0x1140 Msfs - ok21:34:31.0718 0x1140 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:WindowsSystem32driversmshidkmdf.sys21:34:31.0745 0x1140 mshidkmdf - ok21:34:31.0766 0x1140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:Windowssystem32driversmsisadrv.sys21:34:31.0776 0x1140 msisadrv - ok21:34:31.0842 0x1140 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:Windowssystem32iscsiexe.dll21:34:31.0898 0x1140 MSiSCSI - ok21:34:31.0901 0x1140 msiserver - ok21:34:31.0935 0x1140 [ 
49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:Windowssystem32driversMSKSSRV.sys21:34:31.0963 0x1140 MSKSSRV - ok21:34:31.0969 0x1140 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:Windowssystem32driversMSPCLOCK.sys21:34:31.0996 0x1140 MSPCLOCK - ok21:34:32.0012 0x1140 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:Windowssystem32driversMSPQM.sys21:34:32.0061 0x1140 MSPQM - ok21:34:32.0113 0x1140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:Windowssystem32driversMsRPC.sys21:34:32.0171 0x1140 MsRPC - ok21:34:32.0192 0x1140 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:Windowssystem32driversmssmbios.sys21:34:32.0201 0x1140 mssmbios - ok21:34:32.0211 0x1140 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:Windowssystem32driversMSTEE.sys21:34:32.0257 0x1140 MSTEE - ok21:34:32.0281 0x1140 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:Windowssystem32driversMTConfig.sys21:34:32.0292 0x1140 MTConfig - ok21:34:32.0329 0x1140 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:Windowssystem32Driversmup.sys21:34:32.0340 0x1140 Mup - ok21:34:32.0700 0x1140 [ D57EC83468C328E2C3029A0BAA722072, 71714FCCDF625A0959FDB4E70FCCBCF184345537BE9509987F798837B392653E ] N360 C:Program Files (x86)Norton Security SuiteEngine21.1.0.18N360.exe21:34:32.0716 0x1140 N360 - ok21:34:32.0749 0x1140 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:Windowssystem32qagentRT.dll21:34:32.0823 0x1140 napagent - ok21:34:32.0915 0x1140 [ 
1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:Windowssystem32DRIVERSnwifi.sys21:34:32.0968 0x1140 NativeWifiP - ok21:34:33.0051 0x1140 [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:Program Files (x86)Norton Security SuiteNortonData21.1.0.18DefinitionsVirusDefs20131226.016ENG64.SYS21:34:33.0064 0x1140 NAVENG - ok21:34:33.0146 0x1140 [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:Program Files (x86)Norton Security SuiteNortonData21.1.0.18DefinitionsVirusDefs20131226.016EX64.SYS21:34:33.0209 0x1140 NAVEX15 - ok21:34:33.0260 0x1140 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:Windowssystem32driversndis.sys21:34:33.0294 0x1140 NDIS - ok21:34:33.0354 0x1140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:Windowssystem32DRIVERSndiscap.sys21:34:33.0402 0x1140 NdisCap - ok21:34:33.0438 0x1140 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:Windowssystem32DRIVERSndistapi.sys21:34:33.0467 0x1140 NdisTapi - ok21:34:33.0517 0x1140 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:Windowssystem32DRIVERSndisuio.sys21:34:33.0545 0x1140 Ndisuio - ok21:34:33.0557 0x1140 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:Windowssystem32DRIVERSndiswan.sys21:34:33.0613 0x1140 NdisWan - ok21:34:33.0634 0x1140 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:Windowssystem32driversNDProxy.sys21:34:33.0662 0x1140 NDProxy - ok21:34:33.0673 0x1140 [ 86743D9F5D2B1048062B14B1D84501C4, 
DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:Windowssystem32DRIVERSnetbios.sys21:34:33.0720 0x1140 NetBIOS - ok21:34:33.0762 0x1140 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:Windowssystem32DRIVERSnetbt.sys21:34:33.0795 0x1140 NetBT - ok21:34:33.0819 0x1140 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:Windowssystem32lsass.exe21:34:33.0829 0x1140 Netlogon - ok21:34:33.0870 0x1140 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:WindowsSystem32netman.dll21:34:33.0930 0x1140 Netman - ok21:34:33.0964 0x1140 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe21:34:33.0975 0x1140 NetMsmqActivator - ok21:34:33.0979 0x1140 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe21:34:33.0989 0x1140 NetPipeActivator - ok21:34:34.0011 0x1140 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:WindowsSystem32netprofm.dll21:34:34.0072 0x1140 netprofm - ok21:34:34.0077 0x1140 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe21:34:34.0088 0x1140 NetTcpActivator - ok21:34:34.0092 0x1140 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7

Link to post
Share on other sites

Trying again -

07:15:01.0276 0x07d8 AV detected via SS2: Norton Security Suite, C:Program Files (x86)Norton Security SuiteEngine21.1.0.18WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
07:15:01.0276 0x07d8 FW detected via SS2: Norton Security Suite, C:Program Files (x86)Norton Security SuiteEngine21.1.0.18WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
07:15:03.0803 0x07d8 ============================================================
07:15:03.0803 0x07d8 Scan finished
07:15:03.0803 0x07d8 ============================================================
07:15:03.0803 0x03a8 Detected object count: 0
07:15:03.0803 0x03a8 Actual detected object count: 0


OK good, that was clean.

One more rootkit scan, let's get it verified we don't have that going on.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.

[*]Be sure to print out and follow the instructions provided on that same page.

[*]Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.

[*]Scan your system for malware

[*]If malware is found, do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If there is no malware found, please let me know as well.


I'm going to make this the last,

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

On the first tab select all elements down to and including All removable drives and then select start scan

Once it has finished select report and post that.


Do not close AVPTool or it will self uninstall; if it does uninstall, then just rerun the setup file on your desktop

Now an analysis scan

Select the Manual Disinfection tab

Press the Gather System Information button

Once done, open the last report saved folder, then attach the zip file to your next post

The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

 


The MBAR scan was clean. Running the Virus Removal Tool tonight, will take a few hours. Should I do anything with the threats that the Kaspersky finds? (Quarantine, Delete, Skip)

Edited by lanemom56

Yes it's still going. Can I hit the Report button while it's running?

I don't know! Have no idea if it would post what's already found, and if it would terminate the scan.

What I expected to see were (praying for)

[*]java files

[*]bad files held in quarantine folders from tools we've already run

[*]system restore folder

It finally finished the first scan. Here's the log:

Status: Detected (events: 20)
12/27/2013 10:49:37 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0229a77082-196ca1cb High
12/27/2013 10:49:37 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02015585d14-3a77859e High
12/27/2013 10:49:41 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02019e4c9d4-22a6f98f High
12/27/2013 11:04:34 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02656bf0f5a-27afe244 High
12/27/2013 11:04:34 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02677ca675a-718d2202 High
12/27/2013 11:04:36 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0305974e79e-70eba7bb High
12/27/2013 11:04:36 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.031375e065f-197c4d16 High
12/27/2013 11:04:41 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0396ccf05e7-1528ee97 High
12/27/2013 11:04:49 PM Detected Trojan program HEUR:Exploit.Java.Generic C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0444ba1196c-479ec086 High
12/28/2013 12:05:05 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0229a77082-196ca1cb High
12/28/2013 12:05:05 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02015585d14-3a77859e High
12/28/2013 12:05:05 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02019e4c9d4-22a6f98f High
12/28/2013 12:05:07 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02656bf0f5a-27afe244 High
12/28/2013 12:05:07 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02677ca675a-718d2202 High
12/28/2013 12:05:08 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0305974e79e-70eba7bb High
12/28/2013 12:05:09 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.031375e065f-197c4d16 High
12/28/2013 12:05:12 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0396ccf05e7-1528ee97 High
12/28/2013 12:05:14 AM Detected Trojan program HEUR:Exploit.Java.Generic C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0444ba1196c-479ec086 High
12/28/2013 12:26:36 AM Detected adware not-a-virus:AdWare.Win32.D365.a C:WindowsSysWOW64msvcp100.dll Medium
12/28/2013 12:26:36 AM Detected adware not-a-virus:AdWare.Win32.D365.a C:WindowsSysWOW64msvcr100.dll Medium


I ran the analysis scan but am having trouble finding the log. I don't see anything with that file name or anything close. Is it supposed to be accessed from the removal tool?

 

I'm not sure if this is what you're looking for - it wasn't a zip file.

Gathering system information: completed 14 minutes ago (events: 23, time: 00:01:51)
12/28/2013 11:03:35 AM Task started Gathering system information
12/28/2013 11:03:37 AM Main script of analysis
12/28/2013 11:03:37 AM Windows version: Windows 7 Home Premium, Build=7601, SP="Service Pack 1"
12/28/2013 11:03:37 AM System Restore: enabled
12/28/2013 11:04:09 AM >> Services: potentially dangerous service allowed: TermService (@%SystemRoot%System32termsrv.dll,-268)
12/28/2013 11:04:09 AM >> Services: potentially dangerous service allowed: SSDPSRV (@%systemroot%system32ssdpsrv.dll,-100)
12/28/2013 11:04:09 AM >> Services: potentially dangerous service allowed: Schedule (@%SystemRoot%system32schedsvc.dll,-100)
12/28/2013 11:04:09 AM > Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
12/28/2013 11:04:09 AM >> Security: disk drives' autorun is enabled
12/28/2013 11:04:09 AM >> Security: administrative shares (C$, D$ ...) are enabled
12/28/2013 11:04:09 AM >> Security: anonymous user access is enabled
12/28/2013 11:04:09 AM >> Security: sending Remote Assistant queries is enabled
12/28/2013 11:04:11 AM >> Disable HDD autorun
12/28/2013 11:04:11 AM >> Disable autorun from network drives
12/28/2013 11:04:12 AM >> Disable CD/DVD autorun
12/28/2013 11:04:12 AM >> Disable removable media autorun
12/28/2013 11:04:12 AM >> Windows Explorer - show extensions of known file types
12/28/2013 11:04:13 AM System Analysis in progress
12/28/2013 11:05:26 AM System Analysis - complete
12/28/2013 11:05:26 AM Deleting service/driver: uti4nji0
12/28/2013 11:05:26 AM Deleting service/driver: uji4nji0
12/28/2013 11:05:26 AM Main script of analysis
12/28/2013 11:05:26 AM Task completed Gathering system information

Edited by lanemom56

C:UsersOwner.Carol-HPCarbonite Restored OLD User Settings

Did you restore, or is it just located on your computer?

 

What was found is what I expected, related to the Java tool, but it was found in this backup.

If you're going to create a backup image of your computer, you should have it scanned first, then saved to a device other than your personal computer, such as:

an external hard drive or a USB/Flash drive

 

This means the backup had bad files. If you restored your computer using it, we need to remove those files.

 

Not sure if an automated tool can find and delete them. We'll try; if not, we'll have to do it manually.

 

We'll try this again.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

 

1.3 Here are instructions on how to clear the Java cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

Under Temporary Internet Files, click the Delete Files button.

There are three options in the window to clear the cache - Leave ALL 3 Checked

[*]Downloaded Applets

[*]Downloaded Applications

[*]Installed Applications and Applets

Click OK on Delete Temporary Files Window

Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

 

 

 

 

 

Please download OTM by OldTimer.

[*]Please click OTM and then click >> run.

[*]Copy the lines inside the quote (don't copy the word quote), below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Files

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0229a77082-196ca1cb

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02015585d14-3a77859e

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02019e4c9d4-22a6f98f

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02656bf0f5a-27afe244

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02677ca675a-718d2202

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0305974e79e-70eba7bb

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.031375e065f-197c4d16

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0396ccf05e7-1528ee97

C:Documents and SettingsOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0444ba1196c-479ec086

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0229a77082-196ca1cb

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02015585d14-3a77859e

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02019e4c9d4-22a6f98f

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02656bf0f5a-27afe244

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.02677ca675a-718d2202

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0305974e79e-70eba7bb

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.031375e065f-197c4d16

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0396ccf05e7-1528ee97

C:UsersOwner.Carol-HPCarbonite Restored OLD User SettingsAppDataLocalLowSunJavaDeploymentcache6.0444ba1196c-479ec086

:Commands

[emptytemp]

[Reboot]

[*]Return to OTM, right click in the "Paste Instructions for items to be Moved" window (under the yellow bar) and choose Paste.

[*]Click the red Moveit! button.

[*]Close OTM

[*]Note: If an item cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, open the newest .log file present, and copy/paste the contents of that document back here in your next post.

[*]NEXT

 

If you already have Malwarebytes on your computer, open the program, select the update button and allow it to update.

After it finishes, click on Quick scan. If not, follow the steps below.

 

 

Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

 

Double Click mbam-setup.exe to install the application.

[*]Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

[*]If an update is found, it will download and install the latest version.

[*]Once the program has loaded, select "Perform Quick Scan", then click Scan.

[*]The scan may take some time to finish, so please be patient.

[*]When the scan is complete, click OK, then Show Results to view the results.

[*]Make sure that everything is checked, and click Remove Selected.

[*]When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)

[*]The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

[*]Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

 

 

Edited by Juliet
This topic is now closed to further replies.
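The first scan log in this thread reports 18 Java detections, but each cached file is listed twice: once under C:\Documents and Settings and once under C:\Users, which on Windows 7 is the same folder reached through a junction. As an added example (not part of the original thread or of any tool named in it), this Python script parses events in that report layout and collapses the two aliases into unique files; the sample lines, user name and file names are constructed, and the space-separated field layout is an assumption based on the pasted log.

```python
import re
from collections import defaultdict

# Constructed sample in the pasted report's layout: timestamp, "Detected",
# object type, verdict, path, severity. User and file names are made up.
SAMPLE_LOG = r"""
12/27/2013 10:49:37 PM Detected Trojan program HEUR:Exploit.Java.Generic C:\Documents and Settings\Owner.EXAMPLE\Restored Settings\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\aaaa1111-bbbb2222 High
12/27/2013 11:04:34 PM Detected Trojan program HEUR:Exploit.Java.Generic C:\Documents and Settings\Owner.EXAMPLE\Restored Settings\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\cccc3333-dddd4444 High
12/28/2013 12:05:05 AM Detected Trojan program HEUR:Exploit.Java.Generic C:\Users\Owner.EXAMPLE\Restored Settings\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\aaaa1111-bbbb2222 High
12/28/2013 12:05:07 AM Detected Trojan program HEUR:Exploit.Java.Generic C:\Users\Owner.EXAMPLE\Restored Settings\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\cccc3333-dddd4444 High
12/28/2013 12:26:36 AM Detected adware not-a-virus:AdWare.Win32.Example.a C:\Windows\SysWOW64\example.dll Medium
"""

EVENT = re.compile(
    r"^(?P<when>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) Detected "
    r"(?P<kind>.+?) (?P<verdict>\S+) (?P<path>[A-Za-z]:\\.+) "
    r"(?P<severity>High|Medium|Low)$",
    re.MULTILINE,
)

# On Windows Vista and later, "C:\Documents and Settings" is a junction to
# "C:\Users", so both spellings reach the same file (C: assumed as system drive).
LEGACY = "c:\\documents and settings\\"
JAVA_CACHE = "\\sun\\java\\deployment\\cache\\"

def canonical(path):
    """Lower-case the path and rewrite the legacy profile root to C:\\Users."""
    p = path.lower()
    return "c:\\users\\" + p[len(LEGACY):] if p.startswith(LEGACY) else p

def triage(log_text):
    """Group detection events by the real file they refer to."""
    files = defaultdict(lambda: {"verdicts": set(), "seen_as": set(), "events": 0})
    for m in EVENT.finditer(log_text):
        entry = files[canonical(m["path"])]
        entry["verdicts"].add(m["verdict"])
        entry["seen_as"].add(m["path"])
        entry["events"] += 1
    return dict(files)

def java_cache_files(files):
    """Return the canonical paths that sit inside a Java deployment cache."""
    return sorted(p for p in files if JAVA_CACHE in p)

if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    print(len(found), "unique files;", len(java_cache_files(found)), "in a Java cache")
    for path, info in found.items():
        print(info["events"], sorted(info["verdicts"]), path)
```

Grouping by canonical path gives the number of files that actually need removing, and a file that keeps being reported after cleanup under only one alias is worth a closer look.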
